This section is intended to introduce the reader to various aspects of art, which may be related to various aspects of the present invention that are described and/or claimed below. This discussion is believed to be helpful in providing the reader with background information to facilitate a better understanding of the various aspects of the present invention. Accordingly, it should be understood that these statements are to be read in this light, and not as admissions of prior art.
There are two main families of solutions for controlling access to digital content such as films, music and computer files: access control and encryption.
In access control, a user requests access to a content from a server and then, if access is granted, receives the content from the server.
A typical prior art example of encryption is illustrated in FIG. 1. Clear (i.e. non-encrypted) content 110 is provided to a scrambler 120 that also takes one or more so-called control words (CWs, also called keys) 140 as input to an encryption algorithm in order to output scrambled (i.e. encrypted) content 130. A receiver takes the encrypted content and the control word(s) (or equivalents thereto) as input to a corresponding decryption algorithm so as to restore the clear content. In symmetric encryption (e.g. AES), the control word(s) used for encryption and decryption are the same; in asymmetric encryption (e.g. RSA), they are different but linked to one another.
Encrypted content may be distributed freely, but a user who does not possess a secret necessary for decryption cannot normally decrypt and access the content. Such a secret may for example take the form of:                A password input by a user, where the password triggers decryption, either by having the password act as an authorization signal to a decryption device that stores the secret or by using the secret (or information derived from it) as a decryption key.        A valid license delivered to the user, wherein the license usually comprises the decryption key. This solution can be transparent to the user.        A physical token that provides the decryption key.        
Continuing the encryption example of FIG. 1, the secret that is necessary for decryption is the control word(s) that may be delivered as described.
US 2006/0156003 describes a system in which encrypted content and a corresponding license are delivered to a receiver that decrypts the content and inserts a watermark that may comprise information specific to the receiver and content-related information from the license. While this solution works well, it is in some cases ‘heavy’ as it requires the ability to handle licenses.
Encryption using passwords overcomes the necessity to handle licenses, but a problem with it is that once the user has obtained the password, the password may be spread to other users without authorization. This problem does not exist, or is at least much less pronounced, in the cases where decryption is controlled using a license or a physical token.
It can thus be appreciated that there is a need for a solution that makes the decryption using a password more secure. The present invention provides such a solution.